﻿using System;
using System.Collections.Generic;
using System.Data;

using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace ProjectSunny.Admin
{
    public partial class Login : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack)
            {
                txtUserAdmin.Attributes.Add("onkeypress", "return clickButton(event,'" + btnLogin.ClientID + "')");
                txtPasswordAdmin.Attributes.Add("onkeypress", "return clickButton(event,'" + btnLogin.ClientID + "')");
                txtUserForget.Attributes.Add("onkeypress", "return clickButton(event,'" + btnForget.ClientID + "')");
                txtEmailForget.Attributes.Add("onkeypress", "return clickButton(event,'" + btnForget.ClientID + "')");
            }
        }

        protected void btnLogin_Click1(object sender, EventArgs e)
        {
            string loginuser = txtUserAdmin.Text;
            string loginpass = txtPasswordAdmin.Text;
            string matkhaulogin = LIB.Converter.Encode("sha1", loginpass);
            DataTable loginaccount = DAL.DCollector.DBCollector.Instance.CallSQL1Param("SELECT  *  FROM tbl_Account WHERE tbl_Account.Account_User = '" +loginuser + "' AND tbl_Account.Account_Password = '" +matkhaulogin + "'",true);

            if (loginaccount.Rows.Count == 0)
            {
                Response.Redirect("~/Admin/Login.aspx");
            }
            else
            {
                Session["Account_Role"] = loginaccount.Rows[0]["Account_Role"].ToString();

                Session["Account_ID"] = loginaccount.Rows[0]["Account_ID"].ToString();
               
                Session["Account_Avatar"] = loginaccount.Rows[0]["Account_Avatar"].ToString();
               
                Session["Account_qlsanpham"] = loginaccount.Rows[0]["Account_qlsanpham"].ToString();
                Session["Account_qldanhmuc"] = loginaccount.Rows[0]["Account_qldanhmuc"].ToString();
                Session["Account_qlhoadon"] = loginaccount.Rows[0]["Account_qlhoadon"].ToString();
                Session["Account_qlkhachhang"] = loginaccount.Rows[0]["Account_qlkhachhang"].ToString();
                Session["Account_qlgiaodien"] = loginaccount.Rows[0]["Account_qlgiaodien"].ToString();
                Session["UsernameAccount"] = txtUserAdmin.Text;
                Session["PasswordAccount"] = txtPasswordAdmin.Text;

                if (chkGhinho.Checked)
                {
                    HttpCookie cki = new HttpCookie("CookieUser");
                    cki.Value = txtUserAdmin.Text;
                    Response.Cookies.Add(cki);
                    cki.Expires = DateTime.MaxValue;
                    Response.Redirect("~/Admin/Index.aspx");
                }
                else
                {
                    Response.Redirect("~/Admin/Index.aspx");
                }
            }
        }

        protected void btnForget_Click(object sender, EventArgs e)
        {           
                string username = txtUserForget.Text;
                string email = txtEmailForget.Text;
                DataTable forgetpassword = DAL.DCollector.DBCollector.Instance.CallSQL1Param("SELECT count (*) as result  FROM tbl_Account WHERE tbl_Account.Account_User = '" +  username + "' AND tbl_Account.Account_Email = '" + email + "'",true);
                if (forgetpassword.Rows[0]["result"].ToString() != "0")
                {
                    string randomPass = LIB.Converter.RandomString(15).ToUpper();
                    string newpass = LIB.Converter.Encode("sha1", randomPass);
                    DAL.DHelpers.Column[] cl = new DAL.DHelpers.Column[1];
                    cl[0] = new DAL.DHelpers.Column("Account_Password", randomPass, DAL.DHelpers.DataType.DataTypeSql.Varchar);
                    string[] colWhere = new string[1];
                    colWhere[0] = "Account_Email";

                    object[] colValue = new object[1];
                    colValue[0] = newpass;
                    DAL.DCollector.DBCollector.Instance.CallSQL1Param( "UPDATE tbl_Account SET  Account_Password='"+ newpass+"' Where Account_Email='"+ email +"'",false);
                    LIB.Validate.SendMail(email, "Đây là password mới của bạn . Bạn vui lòng đăng nhập vào thay đổi password :\n" + randomPass);
                    Response.Redirect("~/Admin/Login.aspx");
                }
                else
                {
                    lblCheck.Text = "Bạn vui lòng kiểm tra lại Tài khoản & Email";
                }                       
        }
    }
}